Poka's connected worker platform for manufacturers leverages Amazon to store a variety of training content and user uploaded files that are then shared with downstream users as part of the application workflow. In order to meet SOC 2 compliance requirements to prove that all files were scanned for potential malware before they were shared by their solution, Poka implemented a homegrown solution leveraging an open-source virus detection engine, AWS Lambdas, and Amazon EFS as the main components. As their customer base and the volume of data and files grew, their in-house solution required increasing maintenance time to meet their real time scanning requirements.
The cost for AWS infrastructure was also increasing as the engineering team had to regularly manually readjust the file size limitations in Amazon EFS based on the volume of files that were waiting in the queue for malware scanning. Poka currently ingests and shares several terabytes of new “high risk” user uploaded files per month, and the volume is steadily increasing. At peak volumes, the existing solution required thousands of simultaneous connections between AWS Lambdas and Amazon EFS causing performance delays. At times, the engineering team would have to manually shut down an Amazon EFS and start a fresh instance in order to process all the files that were waiting to be scanned for malware.
After determining that their existing solution would require several weeks of development time to upgrade, Poka searched for a modern, cloud native solution on AWS Marketplace that would significantly reduce their maintenance time and scale easily to meet the usage of their growing customer base. After considering several products, they initiated a proof of concept with Cloud Storage Security Antivirus for Amazon S3.
Implementation and set up was fast and easy, taking only a few minutes to deploy the solution within their AWS infrastructure using AWS Fargate containers and AWS CloudFormation templates. Antivirus for Amazon S3 autodetected all of Poka’s Amazon S3 buckets across all of their AWS accounts and regions. The solution leveraged their existing Amazon S3 bucket SNS topics and events to feed its agents for real time scanning. Utilizing the solution’s exclusion rules and regex, Poka configured the agents to scan only high-risk files contained in specific paths within their Amazon S3 buckets and skip scanning files that were processed by Poka and deemed safe.
The autoscaling capabilities of Antivirus for Amazon S3 enabled Poka to meet its real time scanning requirement by spinning up scanning agents based on the volume of files in the scanning queue without manual intervention from the application team. Because the solution leverages Fargate containers, Poka can run several concurrent scanning agents to process files in real time at the same cost as running a single agent.
Results and Benefits
Antivirus for Amazon S3 has become a “set and forget” solution for Poka that requires minimal maintenance. Instead of spending 3-4 weeks of development time to upgrade their existing technology, Poka was able to deploy, test and configure our solution for production use in only a few hours. On an ongoing basis, Antivirus for Amazon S3 has also eliminated dozens of hours of maintenance time that was required to keep the former solution running and able to meet Poka’s real time scan requirements. The combined subscription fees and AWS infrastructure costs for running Amazon S3 were also lower than the AWS infrastructure costs for Poka’s home grown solution.
“Our home grown solution for scanning Amazon S3 for malware was becoming more time consuming to maintain.
Antivirus for Amazon S3 delivers consistent real time virus scanning with minimal management required and at a lower cost than our previous solution utilizing AWS Lambdas and Amazon EFS ”
Maxime Leblanc, Information Security Specialist
Moving forward with Cloud Storage Security
Customers interested in evaluating Antivirus for Amazon S3 can subscribe to a 30 day free trial on AWS Marketplace. The cloud native malware scanner can be installed in minutes, auto discovers all Amazon S3 buckets across multiple accounts and regions, provides immediate visibility into the prevalence of malware, and remediates problem and infected files based on user defined policies. Uniquely, Antivirus for Amazon S3 enables customers to scan their Amazon S3 environment in tenant with multiple virus detection engines for files as large as 200GB.
Poka is a connected worker app that gives factory workers the knowledge and tools they need to contribute to manufacturing excellence. The comprehensive platform combines digital content, collaboration, e-forms and skills management capabilities, enabling workers to learn, solve problems and share knowledge in real-time, on the factory floor. Poka was the recipient of the 2020 Open Bosch Award in recognition of outstanding innovation and was distinguished as one of 10 Connected Worker vendors in Gartner's Hype Cycle for Manufacturing Operations Strategy, 2020 Report. Poka is trusted by digital manufacturing leaders including Bosch, Nestle, Kraft Heinz, Danone, Mars, and Schneider Electric. https://www.poka.io/